Dishing Tech

Dishing Tech is a unique tech blog that offers news, how to's, tips, tweaks on pretty much anything tech related. We Dish out the latest news on gadgets and hardware. Provide Mac and iDevice reviews as well as provide tutorials on hacking, jailbreaking, internet security and visualisation.

25 July 2012

How to Install Reaver Pro in BackTrack

    1. Reaver ProSpecial Price! Today! while stocks last $100 Reaver Pro II / AWUS036H $19.99
      1) Copy promo code: OPENSOURCE
      2) Click this link

    2. The Ultimate WPA/WEP/WPA2 WPS Enabled hacking device

What is Reaver?
Reaver implements a brute force attack against Wifi Protected Setup (WPS) registrar PINs in order to recover WPA/WPA2 passphrases.

Reaver has been designed to be a robust and practical attack against WPS, and has been tested against a wide variety of access points and WPS implementations.

On average Reaver will recover the target AP's plain text WPA/WPA2 passphrase in 4-10 hours, depending on the AP. In practice, it will generally take half this time to guess the correct WPS pin and recover the passphrase.

Download Reaver Pro BackTrack / Ubuntu installer files (20mb) 

Support & More Information

Download (MirrorCreator Multiple Mirrors)

Mirror Options

Download Reaver Hot Pursuit VMware BackTrack Edition (3.5GB)

Support & More Information

Download (MirrorCreator Multiple Mirrors)

Original Reaver Pro ISO (1GB) 

Support & More Information

Download (RapidShare)

We have many direct and mirror downloads for you to choose from, we have listed one each. However, if you want more options, that will require you to signup to

This only works for KDE versions of BackTrack 5 & Ubuntu and other distros such as Blackubuntu. BackTrack R2 also has formatting issues, so if you use BackTrack, use R1 or 5.

There is a Gnome version of the installer files (inside the first download link) that you can attempt to get working. 

If you would like help if you are having problems or if you want to report your success in the appropriate links above.

This was made only possible due to Dev-point (Arabic Forum) and developer Hot_PursuiT

Reaver Pro Review

Reaver Pro @Google Code

Tactical Network Solutions (developers of Reaver)

Buy the Reaver Pro Kit

15 July 2012

Xiaopan 0.4.3 | Kick Ass Edition

Finally Xiaopan 0.4.3 will be released with Firefox and Pidgin. Get ready! Signup to Xiaopan Forums if you haven't already. Visit and when the time runs out, click the countdown timer to be taken to the download (registered users only). Get in quick as we will be providing a fast dropbox direct link which expires after 500 downloads and an alternative slower and torrent link afterwards.

Check out the video to see our new exciting features, Enjoy :)

What's New
This version is a major step up from the previous version. A completely new graphical user interface that aims to please both users who use it live and througvirtualisationAs always this is cross platform Windows / Mac / Linux and works well via Live CD or USB. Xiaopan 0.4.3 Beta | 120mb, Codename: 'Little Monster':

Xiaopan OS 0.4.3 Fresh New Desktop

With this version our main aim was not just to create an OS packed with wireless penetration tools. A major issue with previous versions is that they had nothing else to add value to the user experience. So we have included other packages for those who will use this live so they can multitask:

AIM | Bonjour | Gadu-Gadu | Google Talk | Groupwise | ICQ | IRC | MSN | MXit | MySpace | SILC | SIMPLE | Sametime | XMPP (in. Facebook) | Yahoo! | Zephyr

Multi Messenger Client Support

Internet Browser Support

Flash Support: This will allow you to visit Youtube and watch videos, which would be great for looking at tutorials or simply checking out that latest funny video.

Install Apps You Need

Text Editor: Great for when you need to copy and paste text from say firefox to terminal.

Multiple Desktops: As a way of keeping the clutter down you have 4 virtual desktops to choose from. So you could have Minidwep going on the 1st desktop, a game in the 2nd, checking out Xiaopan Forums on the 3rd and copying text into the editor in the 4th.

Games: Yes, we have added some games, so when you are trying to crack with Reaver for 5hrs you have something else you can do except watch those progress lines. :D

Music Player: Listen to your favourite music while you do what you do. You will have to add the music by adding it to the ISO which may significantly increase the size of it.

Wallpaper: We have a new cool looking logo for Xiaopan OS, behind the design has some meaning.

Windows Management: Changed the TCL wallpaper with our newly designed and winner of the Xiaopan OS Logo competition.

LXDE Version: We also have an LXDE version on its way which looks even more amazing, hopefully that will be released in a week or so as well.
LXDE Desktop

Beta Testing & Release Information
This is a beta release so understand that there are some issues that need fixing before we can release this to our members. Please be patient during this time.

This is why we are releasing this early to VIP members as a way of keeping the download contained as well as being able to receive valuable feedback and report bugs. I will also ask you VIPs to not share the download links with others and ignore / report personal requests for the download.

Please report bugs and suggest improvements in the [VIP] Xiaopan OS 0.4.3 Beta | Download Available thread.

Credits Go To forums:
:tired hazz death for dedicating hours upon ours of entirely developing this release on his own for you guys.
:idea Fantasma for providing valuable feedback, troubleshooting and testing.
:hitler Mr. Penguin for dictating them through the process and writing this review.

Check This Out

Release Date for All Members
We are hoping to release this to everyone in a week but this is a loose estimation and could vary wildly. Please be patient.

Known Issues
• Flash only working for youtube and no sound. (Will be asking SneekyLinux for help).
• Boot is slow or appears to be slow compared to other versions, this is because we are loading more in the Core from startup.

How to Connect to Facebook via Pidgin? Click Here
How to Make Flash Work? Click Here

MD5 Checksum

07 July 2012

Reaver Pro Download & Review

      1. Reaver Pro
        Special Price! Today! while stocks last $100 Reaver Pro II / AWUS036H $19.99
        1) Copy promo code: OPENSOURCE
        2) Click this link

      2. The Ultimate WPA/WEP/WPA2 WPS Enabled hacking device

I finally managed to get my hands on the Reaver Pro software and initial speculations that it was running Linux were correct. Ubuntu 10.04 to be in-fact. I used Parallels Desktop for virtualisation and it worked quite well. It took a few minutes to boot but when it did it entered the Reaver Pro GUI. It is a web interface which surprises me and it uses the Firefox broswer. I had no problem with my RTL8187L device and it was able to scan for networks and crack pins. I was able to access the Ubuntu desktop by clicking alt+F9 to minimise the window. It has a bunch of other software installed which is not really needed. Openoffice is one example of something that is not needed. 

At 958mb it is quite a large download and it can't even fit onto a CD. I reckon I will be able to shave off 500mb from the ISO so it can fit onto a CD as well as being a smaller download.

One of the best things I have discovered is that you do not need to buy the Reaver Pro Kit which costs $99.00. It is also compatible with other cards such as the AR9285 Internal devices.

There are no expert options in the web interface. There is simply a play, pause and stop button. Nonetheless, it is possible to use command line reaver from terminal to tweak settings for better performance as well as to diagnose any errors with the -vv flag.

Summing up, if I bought the kit I would be extremely annoyed because the cost is so high. Sure it is easier for beginners to use it but command line is always better as you are able to learn more and tweak those settings. So depending on who you are and what you want Reaver Pro may or may not be what you are looking for. Some people state that Reaver Pro is better than the open source software. I think it is the same thing and the Pro is having a placebo effect on customers.

Think about this before you download and waste your time:

There is nothing pro about Reaver Pro. It is purely for beginners and your best bet for a Pro version would be to use command line reaver or tinker with expert settings wrapped in a GUI called Inflator which you can find here. If you don't have the hardware, buy a compatible ALFA AWUS036H or AWUS036NHA device online and save yourself the money.

If you still want it, you can Download Reaver Pro here, We also offer good technical support if you need it. This is my video review, enjoy:

Reaver Pro Doing it's Thing

Reaver Pro History

Reaver Pro Survey

Reaver Pro Desktop

02 July 2012

Hijacked Google Account...Almost

I came close to having my google account hijacked today from a phishing attempt. I am quite careful and smart when it comes to these type of attacks. I let my guard down in this instance. I was extremely sleepy and after some Googling it looked legitimate so I clicked on the link to reject the request. My Google Chrome browser should have informed me that it was a suspected phishing site, but clearly it wasn't identified quick enough.

Looks Legitimate, even the favicon.

This is what was sent to me via email:


Your Request to grant <> access to read, delete and send mail on your behalf.

To learn more about why you might have received this message, please

Please do not respond to this message. If you'd like to contact the Gmail Team, please log in to your Gmail account and click 'Help'. 

Little did I realise that they didn't link to at all but they were masked, a simple hover of the link would have told me so:

I should have looked at what email address it was sent from: accounts-noreply <>. Last time I checked google was with two O's. I am also lucky to have different passwords for all my online accounts (I use 1password). If you have the same password for many of your different online accounts you would be screwed. Luckly I was able to change my password immediately and anyone who was stung please change your password ASAP. I have also moved to a much secure option. Having Google Two-Step verification. In a nutshell this means I have separate google generated passwords with each non browser app I have. Not only would hackers need to get your password, they would also need my phone to do so. This is a much secure option. It does take some setting up, but it is all in the name of security and it is worth it.

Here is some additional info:
Received: by with SMTP id g12csp51535wfh; Mon, 2 Jul 2012 04:14:12 -0700 (PDT)
Received: by with SMTP id c21mr15094357yhh.51.1341227651682; Mon, 02 Jul 2012 04:14:11 -0700 (PDT)
Received: from ( []) by with ESMTP id b26si9348059yhe.124.2012.; Mon, 02 Jul 2012 04:14:11 -0700 (PDT)
Received: from ([]:39884 by with esmtp (Exim 4.69) (envelope-from <>) id 1Slea1-0002CY-RE for; Mon, 02 Jul 2012 07:14:09 -0400
Received: from ([]) by with Microsoft SMTPSVC(6.0.3790.4675); Mon, 2 Jul 2012 07:14:10 -0400
Return-Path: <>
Received-Spf: temperror ( error in processing during lookup of DNS timeout) client-ip=;
Authentication-Results:; spf=temperror ( error in processing during lookup of DNS timeout)
Mime-Version: 1.0
Content-Type: multipart/alternative; boundary="----=_NextPart_001_66F1_54D34CDB.64E60CD1"
X-Mailer: Smart_Send_2_0_132
Message-Id: <32561936506961321122408@vps>
X-Originalarrivaltime: 02 Jul 2012 11:14:10.0287 (UTC) FILETIME=[CDD3B7F0:01CD5843]
X-Acl-Warn: {
X-Antiabuse: This header was added to track abuse, please include it with any abuse report
X-Antiabuse: Primary Hostname -
X-Antiabuse: Original Domain -
X-Antiabuse: Originator/Caller UID/GID - [47 12] / [47 12]
X-Antiabuse: Sender Address Domain -

01 July 2012

Demonoid Invites

DishingTech is offering our wonderful readers Demonoid invites. Demonoid is a one of the best Torrent trackers and providers. They are also the most exclusive, requiring new budding members to have an invite to register most of the time.

How to get a Demonoid Invite
Step 1: Simply like our facebook page
Step 2: Invite your facebook friends to our page (Optional)
Step 3: Write a comment at the bottom of this page
Step 4: We will generate an invitation code via the 'Gate Keeper'
Step 5: We will send you an invite via your Disqus email address so be sure you do not provide a fake email address one.
Step 6: We will reply to your comment and you will receive a notification
Step 7: Visit this registration page and paste the code we sent to your email address.

Note 1: Public registrations are closed, you must have an invitation code provided by a current member to be able to register.

Note 2: Invitations are free. Selling invitations is not allowed. If you paid for your invitation, it will be banned. Don't be fooled, there is no such thing as an authorised seller.

30 June 2012

Blacklist Disposable / Temporary Email Addresses for Forums

Here is a list of online web services that offer disposable email addresses. Many people use these to protect their main email addresses and protect them from spam. Many use them because they are quick to make and spammers use them frequently for bulk forum signups. If you have a big board, you will soon see yourself swimming in spam.

As a respectable XenForo forum owner who rarely emails users and takes pride in member privacy there is no need for a disposable email address.

If someone can't provide me with their real email address they get their account banned. Because they cannot receive email notifications and in most cases are there to leach or have no interest in being a valuable member of the community. 

* Denotes wilcards

List of Blogger Country Domains for Adsense

Recent changes to Blogger has meant that blogger blogs are being redirected to the country in which visitors are visiting from. For instance, my address was previously Because I am Australia, it redirects to Google Support states the following:

Why does my blog redirect to a country-specific URL? (ccTLD)

Q: Why am I seeing a URL change?
A: In the next few months the website address of a blog you're reading may be redirected to a country-specific domain. For example, if you're in Australia and viewing [blogname], you might be redirected to [blogname] The country-specific domain should correspond to the country where you're currently located.

Q: Why is this happening?
A: We are doing this to provide more support for managing content locally. If we receive a removal request that violates local law, that content may no longer be available to readers on local domains where those laws apply. This update is in line with our approach to free expression and controversial content, which hasn’t changed.

Source & More Info: Google Support
Can't Access Your

You can still access your the .com version of your Blogger blog by typing: http://[blogname] – which always goes to the .com version of the blog. The “no country redirect” (ncr) will temporarily prevent Blogger from redirecting readers to the local version of the blog.

What does this mean for Adsense? 

You have to authorise your sites with Google Adsense otherwise the ads that are displayed. E.g. at I will not receive a commission because I have not authorised the site. I am particularly hurt by this as a significant amount of traffic comes from Malaysia. This should increase your Adsense page views, Clicks and Page CTR. Google Support explains it best:

What happens to sites I don't authorize?

If a URL displaying your ad code is not on your list of authorized sites, ads will still show on that URL, and impressions and clicks will be recorded. However, advertisers will not be charged, and you will not receive any earnings for that site. Our systems might attribute a few impressions to sites that you do not control and that do not directly have your ad code on them. Check possible reasons for this.

If you don't add a site to the authorized sites list, and you place your ad code on it, ads will continue to appear on the site but you won't earn from them. Therefore, please enable this feature with caution to avoid missing out on valid revenue.
Source & Read More: Google Support

How do you Authorize sites to display ads 
Site authorization is an optional feature that allows you to identify only specific sites that are permitted to use your Google ad code. If you're particularly concerned about malicious use of your ad code by others, you may wish to use this feature as a precaution.

How to Authorise your sites
1. Sign in to your account
2. Visit the Home tab, then Account settings in the left hand panel
3. In the "Access & authorization" section, next to "Sites authorized to show ads," click edit.
4. Check the box marked Only allow certain sites to display ads for my account.
5. Enter the URL of the sites that you want to authorize, then click save

Your changes should take effect within 48 hours.

Source & Read More: Google Support

Use the following complete list as a guide to adding all the blogger country domains. Also note that if you add invalid domains the page will tell you. Do not edit these manually. CTRL + F then replace all dishingtech with the name of your blog with a text editor. Do not add http://. I have also added a number of other ones that get used quite frequently. Another good place is to see your traffic stats and you will know from where you are getting traffic. Unfortunately you will miss some because of some websites will use iframes and you code. However, if you do this 99% of ads that are clicked should generate you more much deserved revenue.

Worried about Not Listing Authorised Sites?
Google Adsense will let you know on the home page if you are losing revenue because you haven't authorised a number of sites by displaying this message:

Your ads have recently appeared on websites you haven't authorised. To avoid lost revenue, make sure that you authorise any sites where you display ads by visiting your account settings.

Be sure to check regularly and authorise them^

List of Blogger Country URLs, TLDs, Domains or whatever you want to call them

Note that many do not exist yet, but they may in the future (e.g. CN = China). Better to be safe than sorry :) 

Other Useful Ones (For Myself and Others)

Related Posts Plugin for WordPress, Blogger...